we have access to that camera now. so here, if we zoom in tight on the keyboard, we can see the keys that he s pressing to put his password in for his laptop. so now, two things have happened. i own that device now, i can do whatever i want with it. i can disable it or i can use it to watch what s going on at the bbc. the second thing is that the bbc no longer has control of that device. zoomed in, i can see his phone screen. so we now have a username and password for the bbc network. right. ..and we have the passcode to a bbc employee s phone from this camera. correct. and this is akin to a locksmith giving you a key to your home. yeah. ..and then secretly making a master key for all of the locks in that community.
so now, two things have happened. i own that device now, i can do whatever i want with it. i can disable it or i can use it to watch what s going on at the bbc. the second thing is that the bbc no longer has control of that device. zoomed in, i can see his phone screen. so we now have a username and password for the bbc network. right. ..and we have the passcode to a bbc employee s phone from this camera. correct. and this is akin to a locksmith giving you a key to your home. yeah. ..and then secretly making a master key for all of the locks in that community. that s effectively what hikvision engineers did. hikvision says its. ..and were not deliberately programmed with this flaw. the camera panorama tested contained a vulnerability that was first discovered in 2017.